<? require_once("sitemap.php"); ?>
<?
$action="start";

if (!empty($_POST['action']))
{
	$action = $_POST['action'];
}
?>
<html>
	<title><? echo (":" . $HTTP_SERVER_VARS['REMOTE_USER'] . ": ". $Botname); ?>'s EL-BOT User Management</title>
<body>
<?
	if ($action=="update")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		if ($_POST['isguildmember']=='on') {$isguildmember = 1;} else {$isguildmember = 0;}
		if ($_POST['istrademember']=='on') {$istrademember = 1;} else {$istrademember = 0;}
		$rank=intval(mysql_real_escape_string($_POST['rank']));
		$id=intval(mysql_real_escape_string($_POST['id']));
		$guildrank=intval(mysql_real_escape_string($_POST['guildrank']));
		$greeting=(mysql_real_escape_string($_POST['greeting']));
		$banreason=(mysql_real_escape_string($_POST['banreason']));

		$sql = "UPDATE users SET rank='$rank',isguildmember='$isguildmember',istrademember='$istrademember',greeting='$greeting',guildrank='$guildrank',banreason='$banreason' WHERE id='$id' AND botid='$botid';";
		$result = mysql_query($sql,$db);
		echo (mysql_error());
		echo "<BR>" . mysql_affected_rows() . " affected rows";
	}
	if ($action=="delete")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		$id=intval(mysql_real_escape_string($_POST['id']));
		$sql = "DELETE FROM users WHERE id='$id' AND botid='$botid' LIMIT 1;";
		$result = mysql_query($sql,$db);		
		echo "<BR>" . mysql_affected_rows() . " affected rows";
	}
	if ($action=="add")
	{
		dumppost($HTTP_SERVER_VARS['REMOTE_USER']);						
		$Username=(mysql_real_escape_string($_POST['Username']));
		$rank=intval(mysql_real_escape_string($_POST['rank']));
		if($_POST['isguildmember']=='on') $isguildmember=1; else $isguildmember=0;
		$guildrank=intval(mysql_real_escape_string($_POST['guildrank']));
		if($_POST['istrademember']=='on') $istrademember=1; else $istrademember=0;
		$greeting=(mysql_real_escape_string($_POST['greeting']));
		$banreason=(mysql_real_escape_string($_POST['banreason']));
		$sql="SELECT id, name, rank, password, isguildmember, istrademember, greeting, guildrank FROM users WHERE name='$Username' AND botid='$botid' ORDER BY rank DESC, name ASC";
		$result = mysql_query($sql,$db);
		if(mysql_num_rows($result)==0)
		{
			$sql = "INSERT INTO users (name,rank,isguildmember,guildrank,istrademember,greeting,botid,banreason) VALUES ('$Username','$rank','$isguildmember','$guildrank','$istrademember','$greeting','$botid','$banreason')";
			$result = mysql_query($sql,$db);
		}
		else
		{
			echo "<BR><B><FONT COLOR='red'>$Username already exists in the database, ignoring</FONT></B>";
		}
	}
	echo (mysql_error());
?>
	<h1><? echo ($Botname); ?>'s EL-BOT User Management</h1>
	<h2>Add new member</h2>
	<form method="post" action="users.php">
	<input type="hidden" name="action" value="add">
	<table border=0 cellpadding="0" cellspacing="0">
	<tr><td>name</td><td><input type="text" name="Username" value=""></td><td><i>Player name</i></td></tr>
	<tr><td>rank</td><td><input type="text" name="rank" value="0" size="3" maxlength="3"></td><td><i>Bot rank (0 is regular user, less than 0 is banned, more than 0 gives bot abilities)</i></td></tr>
	<tr><td>isguildmember</td><td><input type="checkbox" name="isguildmember"></td><td><i>is this a member of your guild?</i></td></tr>
	<tr><td>guildrank</td><td><input type="text" name="guildrank" value="0" size="2" maxlength="2"></td><td><i>If this is a member of your guild, what rank(1-19)?</i></td></tr>
	<tr><td>istrademember</td><td><input type="checkbox" name="istrademember"></td><td><i>Does this player get preferential rates on the bot?</i></td></tr>
	<tr><td>greeting</td><td><input type="text" name="greeting"></td><td><i>Whenever the bot sees the player, a message can be sent (beware spamming though)</i></td></tr>
	<tr><td>banreason</td><td><input type="text" name="banreason"></td><td><i>If the rank is -1, you can note here why the player is banned</i></td></tr>
	<td><input type="submit" name="submit" value="ADD"></td><td><i>Click here to save this data</i></td></tr></table>
	</form><br>

	<h2>Userlist:</h2>
	<table border="1" cellpadding="0" cellspacing="0">
		<tr>
			<td align='center'>id</td>
			<td align='center'>name</td>
			<td align='center'>rank</td>
			<td align='center'>password</td>
			<td align='center'>is<br>guild<br>member</td>
			<td align='center'>guild<br>rank</td>
			<td align='center'>is<br>trade<br>member</td>
			<td align='center'>greeting</td>
			<td align='center'>Ban<br>Reason</td>
			<td align='center'>Function</td>
		</tr>
		<?php
			$result = mysql_query("SELECT id, name, rank, password, isguildmember, istrademember, greeting, guildrank, banreason FROM users WHERE botid='" .$botid."' ORDER BY rank DESC, name ASC",$db);
			echo mysql_error();

			while ($myrow = mysql_fetch_row($result))
			{
		?>
			<tr bgcolor="<?if($myrow[4]!="0")echo"lightgreen";else if($myrow[2][0]=="-")echo"#FF4444";else echo"white";?>">

			<form method="post" action="users.php">
				<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
				<input type="hidden" name="action" value="update">
				<td><?echo ($myrow[0])?></td>
				<td><?echo ($myrow[1])?></td>
				<td><input type="text" name="rank" value="<?echo ($myrow[2])?>" size="3" maxlength="3"></td>
				<td><? if ($myrow[3]) {echo ("ACTIVATED");} else {echo ("DisABLED");}?></td>
				<td><input type="checkbox" name="isguildmember" <? if ($myrow[4]==1) {echo ("checked");} ?>></td>
				<td><input type="text" name="guildrank" value="<?echo ($myrow[7])?>" size="3" maxlength="3"></td>
				<td><input type="checkbox" name="istrademember" <? if ($myrow[5]==1) {echo ("checked");} ?>></td>
				<td><input type="text" name="greeting" value="<?echo ($myrow[6])?>"></td>
				<td><input type="text" name="banreason" value="<?echo ($myrow[8])?>"></td>
				<td><input type="submit" name="submit" value="UPDATE">
			</form>
			<form method="post" action="users.php">
				<input type="hidden" name="id" value="<?echo ($myrow[0])?>">
				<input type="hidden" name="action" value="delete">
				<input type="submit" name="submit" value="DELETE"></td>
			</form>
			</tr>
			<?
			}
			?>
	</table>
</body>
</html>
